AWS Improved Sign In — Don’t Save Login Info

Saving information when I didn’t opt in for it to do that…

Teri Radichel
Bugs That Bite
Published in
2 min readOct 28, 2024

--

Trying out the new AWS Improved sign-in experience and it’s saving my account alias in the browser when I didn’t opt in to do that…

Hopefully that gets fixed and doesn’t get saved when you don’t check “Remember this account.”

I tried to revert to the old flow and the same thing happens, so someone has decided to store a cookie that is used by both the old and new flows that wasn’t stored before apparently. It was cleared on logout.

I changed my browser settings to clear all cookies on exit.

Now I get this screen after logging in, but if I click the Sign-in button it still goes to the AWS console.

On the next page I get this — I might have a rule blocking notifications and need to look into that. I don’t think I’m blocking the others.

--

--

Bugs That Bite
Bugs That Bite

Published in Bugs That Bite

Helping make the world a better place, one error message at a time.

Teri Radichel
Teri Radichel

Written by Teri Radichel

CEO 2nd Sight Lab | Penetration Testing & Assessments | AWS Hero | Masters of Infosec & Software Engineering | GSE 240 etc | IANS | SANS Difference Makers Award